Skip to main content
webhook.co ships official, typed SDKs in three languages. Each is generated from the same OpenAPI contract as the API and the API reference, so a method never drifts from the endpoint behind it, and each carries the same hardening so you don’t reimplement it three times.

TypeScript

npm install @webhook-co/sdk

Python

pip install webhook-co

Go

go get github.com/webhook-co/webhook-go

What every SDK gives you

  • Bearer auth, taken once at construction and attached to every request — and redacted from errors and debug output, so a key never lands in a log.
  • Bounded retries with jitter on transient failures (429/502/503/504 and network errors), honoring Retry-After, and never blind-retrying a non-idempotent write. See rate limits.
  • Cursor pagination as a lazy async iterator — for-loop an endpoint’s entire event history without touching a cursor.
  • Idempotency on replays: a fresh key per call, so a retried replay is safe.
  • Typed errors — every failure is a WebhookError subclass you can narrow by type, carrying code, status, and requestId.

Which surface should I use?

The SDKs, the REST API, the wbhk CLI, and MCP all bind the same capability contract — pick by runtime, not by feature. Use an SDK inside an application, the CLI for scripts and local development, the API from anything that speaks HTTP, and MCP from an agent. A capability on one is a capability on all.